CISSP Domain – Operations Security

This course is included in our On-demand training solution.


In today’s enterprise environment, operations security takes on many faces, but always comes back to making sure that all aspects of the operation of an enterprise environment are secured and functioning correctly. This course delves into the mechanisms used to track security threats, resource protection, and securing the enterprise environment. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC2) for its Certified Information Systems Security Professional (CISSP) certification. The CISSP credential certifies student expertise in ten different knowledge domains.

Target Audience

Mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs, or Senior Security Engineers


Expected Duration

150 min.

Course Objectives

Operations Security Overview

  • recognize the activities involved in securing the operations of an enterprise
  • Security Audits and Resource Availability

  • classify audit measures as either internal or external
  • identify the technologies used to maintain resource availability
  • Network Violations

  • match the attack type to their potential effects
  • recognize different approaches to securing operations
  • Auditing and Monitoring

  • identify how audit trails can be used in operations security
  • differentiate between monitoring tools and techniques
  • Analyzing Violations

    Protecting Resources and Securing E-mail

  • identify the reasons for resource protection
  • distinguish between e-mail protocols
  • recognize different types of e-mail vulnerability
  • The World Wide Web and File Transfer Protection

  • recognize security issues associated with the web interfacing
  • identify the characteristics of technologies for transferring and sharing files over the Internet
  • Attack Framework and Separation of Duties

  • match the reconnaissance methods to their descriptions
  • identify the key considerations involved in implementing administrative controls
  • specify how to secure media and media storage devices
  • Network Security